Does anyone know how to completely disable the Personal Email setup on the Blackberry. My company is very strict, and they would like to remove the ability for a user to get their personal email on a work device. Is this possible through an IT policy or something else? Thanks.

__________________
Cry havoc, and let slip the dogs of war
________________________________

I don't believe you can block the inbound messages if someone configured their BIS account. You can however force all outbound messages to pass through the BES server by setting the Allow Other Email Services policy rule to FALSE.

I don't believe you can block the inbound messages if someone configured their BIS account. You can however force all outbound messages to pass through the BES server by setting the Allow Other Email Services policy rule to FALSE.

What you say was all I was able to find when exploring the issue in my environment, but the real reason for my comment is to thank you for those awesome video sig files that you deploy, d_. This current one's a real kicker.

the best way to do this would be to remove the prosumer provisioning from the PIN on the Blackberry Infrastructure. This would need to be done by the network or service provider of whoever supplied the devices. you would need to request that the devices are re-provisioned as enterprise only devices.

this means when they try to register for a BIS account it won't allow it

What Stern said. I had to do the exact same thing when I noticed personal emails were being sent to our corporate handhelds. Our provider assumed we wanted both capabilities so I had to tell them I just want enterprise only, not Enterprise Plus which included BIS functionalities.

It's a bit carrier dependent this one. On Vodafone devices are provisioned for Enterprise and/or Prosumer on the relay as with Vodafone the BlackBerry service itself is a single APN. On O2 for example, there is one provisioning system for the device, but the service is split by tariff (APN). If you have an Enterprise tariff connected to an O2 line, you automatically also get BIS. This really hacks me off becuase as a service provider it means you can't do anything but sell in two services for the price of one, not to mention the security implications which started this whole thread off in the first place. I have a few users who I don't want to give BlackBerry to so they can check their Hotmail all day long, but although you can stop them sending out via BES policy, there's nothing you can do to stop them receiving short of calling the network to ensure there is no Prosumer service on the line (in the case of Vodafone). That said, what's to then stop the user calling the network or provider to get it switched back!!!!

That said, what's to then stop the user calling the network or provider to get it switched back!!!!

I'm not sure how vodafone works, but regular users should not be able to call up the carrier and get anything about a corporate account changed. Period. You should probably have both named callers on the account (whom the users could impersonate I suppose) and some sort of confidential knowledge (like a SSN number on the acct or a verbal password or passphrase). The regular employees should not know this password (duh).

Anyone breaking these rules to modify company equipment should be punished under your company's existing vandalism rules. You HR department should be able to help out here. This is a personnel issue.